brad at danga.com
Wed May 18 12:09:27 PDT 2005
Starting point, yeah.
Some countries have a flat namespace like *.com:
I mean, look yourself: :-)
On Wed, 18 May 2005, Martin Atkins wrote:
> Brad Fitzpatrick wrote:
> > It's up to the identity server to do the right thing here. It doesn't
> > affect the protocol.
> > I'm sure we'll build a recommended list of domain suffixes which SHOULDN'T
> > be wildcarded.
> Netscape's Cookie spec says:
> Only hosts within the specified domain can set a cookie for a domain
> and domains must have at least two (2) or three (3) periods in them
> to prevent domains of the form: ".com", ".edu", and "va.us". Any
> domain that fails within one of the seven special top level domains
> listed below only require two periods. Any other domain requires at
> least three. The seven special top level domains are: "COM", "EDU",
> "NET", "ORG", "GOV", "MIL", and "INT".
> Limitations of not including "museum" and "coop" aside, this seems like
> a reasonable starting point.
More information about the yadis